Implement force ssl functions for mail.

ScIT-Raphael · ScIT-Raphael · commit d62ef1a28a12 · 2019-04-16T10:39:37.000+02:00
diff --git a/bin/v-add-mail-domain-ssl b/bin/v-add-mail-domain-ssl
@@ -73,6 +73,9 @@ if [ ! -z "$PROXY_SYSTEM" ]; then
     add_webmail_config "$PROXY_SYSTEM" "default.stpl"
 fi
 
+# Enable force ssl
+$BIN/v-add-mail-domain-ssl-force $user $domain
+
 # Increase value for domain
 increase_user_value "$user" '$U_MAIL_SSL'
 
diff --git a/bin/v-add-mail-domain-ssl-force b/bin/v-add-mail-domain-ssl-force
@@ -0,0 +1,80 @@
+#!/bin/bash
+# info: Adding force SSL for a mail domain
+# options: USER DOMAIN
+#
+# The function forces SSL for the requested domain.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+domain=$2
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/conf/hestia.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'USER DOMAIN'
+is_format_valid 'user' 'domain' 'ssl_dir'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'mail' 'DOMAIN' "$domain"
+is_object_unsuspended 'mail' 'DOMAIN' "$domain"
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Load domain data
+eval $(grep "DOMAIN='$domain'" $USER_DATA/mail.conf)
+
+# Check if SSL is enabled
+if [ "$SSL" != 'yes' ]; then
+    echo "Error: SSL is not enabled"
+    exit $E_NOTEXIST
+fi
+
+# Check if proxy is active
+if [ ! -z "$PROXY_SYSTEM" ] || [ ! -z "$PROXY" ]; then
+    if ! grep --quiet "forcessl" $HESTIA/data/templates/mail/nginx/default.tpl; then
+        $BIN/v-update-web-templates
+    fi
+    forcessl="/home/$user/conf/mail/$domain/forcessl.$PROXY_SYSTEM.conf"
+else
+    if ! grep --quiet "forcessl" $HESTIA/data/templates/mail/nginx/default.tpl; then
+        $BIN/v-update-web-templates
+    fi
+    forcessl="/home/$user/conf/mail/$domain/forcessl.$WEB_SYSTEM.conf"
+fi
+
+# Insert redirect commands
+if [ ! -z $PROXY ]; then
+    echo 'return 301 https://$server_name$request_uri;' > $forcessl
+else
+    echo 'RewriteEngine On' > $forcessl
+    echo 'RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]' >> $forcessl
+fi
+
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+# Restart web server
+$BIN/v-restart-web
+check_result $? "Web restart failed" > /dev/null
+
+# Restart proxy
+$BIN/v-restart-proxy
+check_result $? "Proxy restart failed" > /dev/null
+
+exit
diff --git a/bin/v-delete-mail-domain-ssl-force b/bin/v-delete-mail-domain-ssl-force
@@ -0,0 +1,57 @@
+#!/bin/bash
+# info: remove ssl force from domain
+# options: USER DOMAIN [RESTART]
+#
+# The function removes force SSL configurations.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+domain=$2
+restart=$3
+
+# Includes
+source $HESTIA/func/main.sh
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'USER DOMAIN'
+is_format_valid 'user' 'domain' 'ssl_dir'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'mail' 'DOMAIN' "$domain"
+is_object_unsuspended 'mail' 'DOMAIN' "$domain"
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Load domain data
+eval $(grep "DOMAIN='$domain'" $USER_DATA/mail.conf)
+
+# Remove forcessl configs
+rm -f /home/$user/conf/mail/$domain/forcessl.*.conf
+
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+# Restart services if requested
+if [ ! -z "$restart" ]; then
+    $BIN/v-restart-web
+    check_result $? "Web restart failed" >/dev/null
+
+    $BIN/v-restart-proxy
+    check_result $? "Proxy restart failed" >/dev/null
+fi
+
+exit
